Privacy in Ubuntu 12.10: Amazon Ads and Data Leaks

Earlier this month the eagerly awaited free software operating system Ubuntu 12.10 was released, and it includes a slew of new features, some of which have infuriated users because of privacy concerns.

Over the last couple of years Canonical Ltd, the company that develops Ubuntu, has been pushing the Ubuntu desktop in new directions with the desktop environment called Unity. A key feature of Unity is Dash, a single place to search for apps, documents, music, and other data on your computer. With the latest release of Ubuntu, Dash also starts searching the Internet for you. While some people find this convenient, others find it a violation of their privacy. Luckily, Ubuntu makes it easy to turn this off. Scroll down to "How to Disable Amazon Ads and Data Leaks" to learn how.

We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already. You trust us not to screw up on your machine with every update. You trust Debian, and you trust a large swathe of the open source community. And most importantly, you trust us to address it when, being human, we err.

Technically, when you search for something in Dash, your computer makes a secure HTTPS connection to productsearch.ubuntu.com, sending along your search query and your IP address. If it returns Amazon products to display, your computer then insecurely loads the product images from Amazon's server over HTTP. This means that a passive eavesdropper, such as someone sharing a wireless network with you, will be able to get a good idea of what you're searching for on your own computer based on Amazon product images.

It's a major privacy problem if you can't find things on your own computer without broadcasting what you're looking for to the world. You could be searching for the latest version of your résumé at work because you're considering leaving your job; you could be searching for a domestic abuse hotline PDF you downloaded, or legal documents about filing for divorce; maybe you're looking for documents with file names that will give away trade secrets or activism plans; or you could be searching for a file in your own local porn collection. There are many reasons why you wouldn't want any of these search queries to leave your computer.

It's Not Just Amazon

The new version of Dash that comes with Ubuntu 12.10 introduces more than just Amazon ads. It includes a new legal notice, which you can see by clicking the "i" in the corner of Dash, stating that by using Dash you automatically agree to send your search term and IP address to a number of third parties.

Unless you have opted out, we will also send your keystrokes as a search term to productsearch.ubuntu.com and selected third parties so that we may complement your search results with online search results from such third parties including: Facebook, Twitter, BBC and Amazon. Canonical and these selected third parties will collect your search terms and use them to provide you with search results while using Ubuntu.

Ubuntu's Third Party Privacy Policies page lists all of the third parties that they may send your search term and IP address to, and states: "For information on how our selected third parties may use your information, please see their privacy policies." In other words, once they give your data away, it's no longer their problem.

Canonical is not clear about which third parties it sends data to and when, but it appears that many of these third parties only get searched in certain circumstances. Ubuntu's new Online Accounts feature lets you authorize Ubuntu to use your accounts from Facebook, Twitter, Google, Flickr and other services for Ubuntu apps. Dash will likely search these services for photos, documents, and other content only after you've authorized Ubuntu to use them.

Canonical has been listening to feedback from Ubuntu users and they are working on improvements to Dash, such as loading Amazon images over HTTPS to prevent eavesdroppers from learning what users search for, and NSFW filters so that pornography doesn't appear in Dash. These changes are great, but they don't change the fact that users' search queries automatically get sent to third party companies without giving users a chance to opt in.

Even if Amazon product images are loaded over HTTPS instead of HTTP, the fact that they are loaded directly from Amazon's servers instead of from Canonical's means that Amazon has the ability to correlate search queries with IP addresses. One way to fix this would be for Canonical to proxy all third party images and other content for Ubuntu users.

How to Disable Amazon Ads and Data Leaks

You can uninstall Dash's Amazon integration by removing the package called unity-lens-shopping from your computer. If you are currently using Ubuntu 12.10, you can open unity-lens-shopping in Ubuntu Software Center, and then click the "Remove" button on the right. You can also uninstall it by opening the Terminal app and typing:

sudo apt-get remove unity-lens-shopping

If you want Dash to only search your local computer and not search the Internet at all, you can open the Privacy app and switch "Include online search results" from on to off.
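To confirm that both steps above took effect, the following script reports whether the Amazon lens is still installed and whether online search is still enabled. It is an added example, not part of the original article or of Ubuntu; it assumes the Privacy app's switch is stored in the gsettings key com.canonical.Unity.Lenses remote-content-search, and the verdict labels are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): report which of the leak
# paths described above are still open on a Unity desktop.
# Assumption: the "Include online search results" switch is stored in the
# gsettings key com.canonical.Unity.Lenses remote-content-search.

# dpkg state of the Amazon lens: installed, absent, or unknown (no dpkg here).
lens_state() {
    command -v dpkg-query >/dev/null 2>&1 || { echo unknown; return 0; }
    if dpkg-query -W -f='${Status}' unity-lens-shopping 2>/dev/null |
        grep -q 'install ok installed'; then
        echo installed
    else
        echo absent
    fi
}

# State of online search: on, off, or unknown (no gsettings or no such key).
online_search_state() {
    command -v gsettings >/dev/null 2>&1 || { echo unknown; return 0; }
    val=$(gsettings get com.canonical.Unity.Lenses remote-content-search 2>/dev/null) ||
        { echo unknown; return 0; }
    case "$val" in
        "'none'") echo off ;;
        "'all'")  echo on ;;
        *)        echo unknown ;;
    esac
}

# Combine both facts: verdict <lens_state> <online_search_state>
verdict() {
    case "$2:$1" in
        off:*)        echo "local-only" ;;              # Dash searches this machine only
        on:installed) echo "leaks-amazon-and-online" ;; # nothing has been changed
        on:absent)    echo "leaks-online" ;;            # Amazon gone, other sources remain
        *)            echo "unknown" ;;                 # could not determine; check by hand
    esac
}

lens=$(lens_state)
search=$(online_search_state)
echo "unity-lens-shopping: $lens"
echo "online search results: $search"
echo "verdict: $(verdict "$lens" "$search")"
```

A result of leaks-online means the package was removed but the Privacy switch is still on, so search terms can still reach the other online sources listed in the legal notice.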

Finally, if you don't like the direction that Unity is going but you still like the Ubuntu operating system, you can switch to a different desktop environment altogether such as GNOME 3, KDE, or Cinnamon.

You can get GNOME 3 by installing the package called gnome-shell. You can get KDE by installing the package called kde-full. And you can get Cinnamon by adding the Cinnamon PPA to your repositories and then installing the package called cinnamon. Once you have installed a new desktop environment, you can choose which one you want to use from your login screen. Click the Ubuntu logo next to your username to change your desktop environment.

What EFF Wants From Ubuntu

Ubuntu is the third most popular desktop operating system, and it's the most popular free software one. Many of EFF's employees run Ubuntu on their own computers. Here is what we would like to see from future versions of Ubuntu.

Disable "Include online search results" by default. Users should be able to install Ubuntu and immediately start using it without having to worry about leaking search queries or sending potentially private information to third party companies. Since many users might find this feature useful, consider displaying a dialog the first time a user logs in that asks if they would like to opt in.

Explain in detail what you do with search queries and IP addresses, how long you store them, and in what circumstances you give them to third parties.

Make the Search Results tab of the Privacy settings let users toggle on and off specific online search results. Some users might want Amazon products in their search results, but never anything from Facebook.

We love that Ubuntu is bold enough to break new ground and compete directly with the large proprietary operating systems, but please make sure that you respect your users' privacy and security while you're doing it. Windows and Mac users are used to having their data sent to third parties without their express consent by software companies that are trying to maximize profits for their shareholders. Let's make sure Ubuntu, like the GNU/Linux operating system at its heart, remains an exception to this.

Stay tuned for part two of Privacy in Ubuntu 12.10, where we will talk about new Ubuntu privacy features that we really like.
